The present invention relates to a method for anonymisation by transmitting an event data set from at least one data supplying entity supplying the event data set to at least one data aggregating entity aggregating the event data set, wherein the data set includes at least one identifier identifying at least one user of the data supplying entity.
Communication systems enable communication between two or more entities. An entity in the context of this document should be defined as a specific area that is organisationally separated from other areas due to logical, physical or legal specifications. Besides moving payload data between these entities, communication systems need to generate, collect and process management data such as addresses, locations, service descriptions etc. For instance, for a web server communicating with a client computer, the web server needs to process the IP address of the client, requested URLs, HTTP header information and session data. In a mobile communication system, additional data such as location information, type of services or identifiers identifying the mobile device (IMEI) and the SIM card (IMSI) are processed. Further, each communication relation creates additional data, which are referred to in the following as a data set.
Further, said systems/networks, in particular mobile communication systems, might continuously collect additional data, referred to as location event data, during regular system/network operation. Each event data set is related to a specified event of an individual subscriber. Events may be triggered by a subscriber/user, by the network or by a device, which is of no importance for further processing. The data set includes several attributes describing different properties of the triggered event. These event data sets are associated with a personal identifier which enables allocation of the event data set to an individual subscriber of the communication system.
Furthermore, operators of communication systems register customer-related data such as contact details and contract information. The collection of this data is necessary either for billing purposes or to keep it available for authorities. In the following, such data is defined as customer relation data (CRM). CRM data may be aggregated to form customer class data.
Because they hold this information, such systems, so-called data supplying entities, in particular mobile communication systems, offer the possibility to provide information about subscriber habits, for instance regarding their location data for a defined time interval. This data can be used either to create location profiles for geographical sites or to derive dynamic crowd movement patterns. In this context, the information could be useful for a wide range of applications in the area of traffic services, smart city services, infrastructure optimisation services, retail insight services, security services and many more. Therefore, it is desirable to provide the generated information in suitable form to parties, so-called data aggregating entities, that benefit from applications like the aforementioned ones. Such parties could include local councils, public transport and infrastructure companies like public transport providers or electricity suppliers, retailers, major event organizers or public safety bodies, as well as many more as yet unknown uses and users.
However, it is mandatory to provide this information in an anonymous manner to protect the privacy of each individual, in particular each subscriber of the mobile communication system. Consequently, the provider of the mobile communication system (data supplying entity) supplying this information should only provide insights extracted from anonymised and aggregated data without selling or disclosing personal information. Disclosure of any personal information is strictly prohibited in certain jurisdictions but may also be unwanted in others; tracking and identifying of individuals has to be avoided under all circumstances.